Senior Cloud Compliance Engineer @ Warner Bros. Entertainment Group - Burbank, CA
Senior Cloud Compliance Engineer
Post a job for free in Burbank, CA
Business: Warner Bros. Entertainment Group
Position Type: Full TimeJob ID 177545BR
WarnerMedia is a leading media and entertainment company that creates and distributes premium and popular content from a diverse array of talented storytellers and journalists to global audiences through its consumer brands including: HBO, HBO Now, HBO Max, Warner Bros., TNT, TBS, truTV, CNN, DC Entertainment, New Line, Cartoon Network, Adult Swim, Turner Classic Movies and others.
Warner Media, LLC and its subsidiaries are equal opportunity employers. Qualified candidates will receive consideration for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.
Business Unit Overview
WB Technology combines Warner Bros.’ industry-leading technologists and disciplines to ensure global alignment with business strategy and accelerated delivery of innovative technology solutions studio- and industry-wide. From pre-production through archiving, the WBT organization will provide critical business and technology intelligence and services to all Studio business units. WBT manages the Studio’s enterprise systems and solutions, emerging platforms, information security, consumer intelligence, content mastering and delivery, and more.
Warner Bros. has been entertaining audiences for more than 90 years through the world’s most- loved characters and franchises. Warner Bros. employs people all over the world in a wide variety of disciplines. We're always on the lookout for energetic, creative people to join our team.
This role will be responsible for the set-up and maintenance of all Data Intelligence AWS infrastructure and platforms, including networking and security controls, VM provisioning, monitoring/logging systems and respective tooling. You will be responsible for helping design, secure, and maintain infrastructure for the team. This includes, VPCs, subnets, route tables, peering connections, Virtual Private Gateways, network ACLS, security groups, IAM, Cloudwatch. Cloudtrail, Inspector, AWS Config, etc. This engineer will work with the Director, Cloud Compliance & System Engineering to automate all infrastructure, build out self-healing microservices for continued compliance, assist teams with their move to automated CI/CD among other things. He/she will be responsible for leveraging automation technologies for all repeatable tasks and should have significant experience with Terraform, Ansible and Cloudformation. The Director, Cloud Compliance & System Engineering will work closely with his/her management to build SbD frameworks specific to DI that will keep cloud environments secure while also providing project teams the ability to quickly and efficiently meet business objectives.
- Work with all DI teams to set-up and troubleshoot network infrastructure including subnets, gateways, VPN tunnels, private links and peering connections.
- Actively work with DI teams throughout their SDLC leveraging deep AWS and cybersecurity knowledge to build secure, WM CSO compliant and best in class solutions that follow well-architected patterns.
- Monitor Evident IO/Prisma reports and build automation where it makes sense for auto-remediation of vulnerabilities.
- Work with leadership to help drive the policies and procedures within DI to ensure security by design.
- Maintain a comprehensive understanding of all CI applications, platforms, data flows, technologies, security controls, threats, weaknesses and countermeasures.
- Contribute to the design and implementation of the DI self-service cloud platform, Spitfire.
- Build automation and self-healing cloud solutions to ensure continued
- compliance with Warner Media cybersecurity policies as well as AWS well architected best practices.
- Develop Continuous Integration / Continuous Delivery processes to help deliver software of higher quality at greater speed.
- Work closely with application teams to automate infrastructure and configuration management and achieve immutability.
- Provide expertise on tooling that can be used to effectively monitor and review logs across the AWS environment s and data platforms; specifically EMR, Elastic, Redshift, etc.
- Work closely with developers to ensure that our products are built to effectively utilize AWS.
- Works as part of our DevOps cultured team focusing on architecting, building, and supporting DI teams leveraging the cloud platforms.
- Build creative engineering solutions to operational problems focusing on optimizing existing systems, building infrastructure and automating manual operational tasks.
- Perform Root Cause Analysis of production issues to identify potential improvements.
- Advocate for reliability practices across our DI organization.
- Help lead initiatives for upgrading and scaling our systems to improve availability, reliability, and performance.
- Collaborate with development teams to meet each other's requirements in an agile, rapidly increasing infrastructure with the shared goal of improving software deployment processes, monitoring, management, and incident response.
- Set-up and configure log monitoring across all aspects of AWS security including VPC flow logs, S3 logs, Cloud trail logs, etc.
- Bachelor’s Degree in Computer Science, Engineering or similar required.
- 5-7 years of relevantexperience:
- Working as a software engineer in a DevSecopsculture.
- Working with AWS technologies (e.g. Cloudtrail, Cloudwatch, Inspector, AWS Config, S3, Security Hub, WAF, GuardDuty,Lambda).
- Experience with Configuration Management Tools like Terraform, Ansible, Chef orPuppet.
- Experience managing multiple, simultaneousprojects.
- Experience with data platforms and datasecurity.
- Integrating security controls into new systems andapplications.
- Research product and technical data in order to recommend products, technologies, and processes for ongoingprojects.
- Hands-on experience deploying, managing, and operating highly available, scalable and self- healing systems on AWS.
- Experienced in designing the overall Virtual Private Cloud VPC environment including serverinstance, storage instances, subnets, availability zones,etc.
- Should know how to design AWS AMI architecture including machine templates andblueprints.
- Selecting the most appropriate AWS service based on compute, data, or securityrequirements.
- Identifying appropriate use of AWS architecture and operational bestpractices.
- Defining, deploying and monitoring metrics and logs on AWS.
- Performing implementation, maintenance and optimization of network hardware, software, and communication links of the AWSinfrastructure.
- Production experience to build scalable systems (load balancers, memcached, master/slavearchitectures).
- Experience setting up SSLcerts.
- Setting-up,configuring,andoperatingnetworkingdevicesincludingproxyservers,loadbalancers and networkswitches.
- Evaluate, test and install security updates using automated tools & software.
- Building and testing disaster recovery plans in AWS.
- Implementing security controls where data is confidential.
- Troubleshooting advanced hardware and network configurationissues.
- 5+ years of AWS network and security engineeringexperience.
- 5+ years of software development experience ideally node.js, python and/orjava.
- Strong knowledge of security concepts and common cybersecurityframeworks.
- Experience with Linux infrastructures, database SQL (MS SQL), CI/CD tools, scripting such asPython, Perl, Ruby, .NET, Scrum/Kanban/SAFe, Agile workflowmethodologies.
- Up-to-date on latest industry trends; able to articulate trends and potential clearly andconfidently.
- Strong troubleshootingcapabilities.
- Strong knowledge of published AWS Security bestpractices.
- Strong understanding of the OSI and/or TCP/IPmodel.
- Intermediate level UNIX/LINUX systems administration experience (PowerShell, Korn Shell, BASH, Python,SSH).
- Intermediate level Windows Server experience, along with ActiveDirectory.
- CISP, CCSP, CISSP, CCNA or similarcertification.
- Experience working with networking technologies including DNS, TCP/IP, SSL, DHCP and LoadBalancing.
- Basic understanding of SQL language is a plus.